CVE-2025-30722

{"id": "CVE-2025-30722", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert_us@oracle.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.6}]}, "published": "2025-04-15T21:16:01.870", "references": [{"url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://security.netapp.com/advisory/ntap-20250418-0005/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Client accessible data as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Cliente MySQL de Oracle MySQL (componente: Cliente: mysqldump). Las versiones compatibles afectadas son 8.0.0-8.0.41, 8.4.0-8.4.4 y 9.0.0-9.2.0. Esta vulnerabilidad, dif\u00edcil de explotar, permite a un atacante con pocos privilegios y acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer el Cliente MySQL. Los ataques con \u00e9xito pueden resultar en acceso no autorizado a datos cr\u00edticos o acceso completo a todos los datos accesibles del Cliente MySQL, as\u00ed como acceso no autorizado a actualizaciones, inserciones o eliminaciones de algunos datos accesibles del Cliente MySQL. Puntuaci\u00f3n base de CVSS 3.1: 5.9 (Afecta a la confidencialidad y la integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N)."}], "lastModified": "2025-06-27T16:03:10.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FD1C5C2-5266-48D9-AA5F-DD04C98E4E23", "versionEndIncluding": "7.6.33", "versionStartIncluding": "7.6.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EA1092F-209F-41DC-A011-2AF17242F1E1", "versionEndIncluding": "8.0.41", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "887D4DDD-E634-4442-9FC3-05B9FBDD161E", "versionEndIncluding": "8.4.4", "versionStartIncluding": "8.4.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_cluster:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14F46F26-AAE0-42DD-BEC2-6CB05F297A76", "versionEndIncluding": "9.2.0", "versionStartIncluding": "9.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19E4FDDE-A035-4E72-AC34-FE8B75013682", "versionEndIncluding": "8.0.41", "versionStartIncluding": "8.0.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1898BB9E-C5C9-4564-BEFB-D9CA5829EAE8", "versionEndIncluding": "8.4.4", "versionStartIncluding": "8.4.0"}, {"criteria": "cpe:2.3:a:oracle:mysql_client:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21B2906E-628D-446E-A6B8-ACB064EADE99", "versionEndIncluding": "9.2.0", "versionStartIncluding": "9.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"}, {"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}